var express = require('express');
var router = express.Router();
var crypto = require('crypto');
var session = require('express-session');

var db = require("./../utils/db.js");



router.get('/login', function (req, res, next) {
    var loginedUser = req.session.loginedUser;
    if (!loginedUser) {
        res.render('login', {title: '登录'});
    } else {
        res.redirect('/index');
    }
});

router.post('/loginHandler', function (req, res, next) {
    var loginname = req.body.loginname;
    var password = req.body.password;
    var md5 = crypto.createHash('md5');
    var passwordMd5 = md5.update(password).digest('hex');

    var sql = "select * from base_user " +
        "where loginname='" + loginname + "' and password='" + passwordMd5 + "'";

    db.query(sql, function (err, rows) {
        console.log(rows)
        if (rows&&rows.length > 0) {
            req.session.loginedUser = {
                id: rows[0].id,
                name: rows[0].loginname,
                realname: rows[0].person_name,
                teamPermission: rows[0].team_permission
            };
            res.json({
                errcode: 0,
                message: '登录成功'
            });
        } else {
            res.json({
                errcode: 1,
                message: '用户名或密码错误'
            });
        }
    });

});

router.get('/modifyPassword', function (req, res, next) {
    var loginedUser = req.session.loginedUser;
    var id = loginedUser.id;
    var sql = "select * from base_user where id="+ id+"" ;

    if (!loginedUser) {
        res.render('login', {title: '登录'});
    } else {
        db.query(sql, function (err, rows) {
            console.log(rows)
            res.render('modifyPassword', {
                id: rows[0].id,
                loginName: rows[0].loginname,
                password: rows[0].password,
                newPassword: '',
                confirmPassword: ''
            });
        })
    }
});

router.post('/password/save', function (req, res, next) {
    var loginName = req.body.loginName;
    var newPassword = req.body.newPassword;
    console.log(loginName)
    console.log(newPassword)
    var md5 = crypto.createHash('md5');
    var passwordMd5 = md5.update(newPassword).digest('hex');

    var sql = "update base_user set password='" + passwordMd5 + "' where loginname='"+ loginName +"'";

    db.query(sql, function (err, rows) {
        if (rows&&rows.length > 0) {
            req.session.loginedUser = {
                id: rows[0].id,
                name: rows[0].loginname
            };
            res.json({
                errcode: 0,
                message: '登录成功'
            });
        } else {
            req.session.loginedUser = null;
            res.json({
                errcode: 1,
                message: '用户名或密码错误'
            });
        }
    });

});

router.get('/logout', function (req, res, next) {
    req.session.loginedUser = null;
    res.redirect('/login');
});


module.exports = router;
